New COVID-19 phishing email impersonates campus leadership

Posted by Robert Turner on May 7, 2020

The UW–Madison Office of Cybersecurity is aware of an active COVID-19 related phishing campaign on campus where the attacker impersonates UW–Madison leadership. The email message asks recipients to check their status in their MyUW portal. This phishing attempt has targeted over 1800 recipients at UW–Madison. Please be vigilant if you receive an email from Chancellor Rebecca Blank asking you to “in response to covid-19 relief….. use your My UW portal to confirm your status”.

How can I identify this phishing attempt?

Be on alert for an email from the chancellor with this request: “In response to covid-19 relief, there is a new update on all staffs benefit. Kindly use the My UW portal to confirm your status.”

The email contains a link to a fake MyUW portal.

The scam attempts to obtain your credentials, including NetID password, full name, date of birth, social security number and address.

How can I learn how to recognize other phishing attempts?

If you are ever unsure whether an email message is legitimate, do not respond to it. Contact the DoIT Help Desk at https://kb.wisc.edu/helpdesk/ or at 608.264.4357 for advice. The UW–Madison Office of Cybersecurity will then block the criminal element from sending further emails and gather evidence for eventual prosecution of the crime.